package com.zyj.ssm.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter{
	
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		super.configure(http);
		http.authorizeRequests()  
        .antMatchers("/user/", "/user/home").permitAll()   
        .antMatchers("/user/admin/**").access("hasRole('ADMIN')")  
        .antMatchers("/user/db/**").access("hasRole('ADMIN') and hasRole('DBA')")  
        .and().formLogin().loginPage("/user/login") 
        .usernameParameter("zs").passwordParameter("zs123")  
        .and().csrf() 
        .and().exceptionHandling().accessDeniedPage("/Access_Denied");;
	}

	@Autowired
	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
		auth.inMemoryAuthentication().withUser("ls").password("123456").roles("USER");
		auth.inMemoryAuthentication().withUser("bill").password("abc123").roles("USER");  
        auth.inMemoryAuthentication().withUser("admin").password("root123").roles("ADMIN");  
        auth.inMemoryAuthentication().withUser("dba").password("root123").roles("ADMIN","DBA");
	}
 
}
